Disintegration and Compartmentalization: Necessary Best Practices

Safety Deposit Boxes in Safe Bank.

Several months ago, I wrote about my never-ending privacy story. Since then, I’ve given numerous presentations about security and personal privacy. In one of those presentations, I talked about how using personal clouds (e.g., Nextcloud) could limit your exposure to those who offer you their “free” services in exchange for your personal data. But there has always been an elephant in the room. Specifically, we want to have a simple and easy desktop experience – myself included. And most people will trade almost anything for that experience. But those carefree times where everything is “free” and everything is “safe” are now disappearing. So to kick my privacy efforts up another notch, I’ve begun the process of online compartmentalization.

As you read that word, many of you might be thinking about the psychological consequences of compartmentalizing your life. And almost every psychologist will tell you that breaking your life down into smaller fragments separated by impenetrable walls can be unhealthy. These self-imposed walls separate your family life from your work life and your faith life. Some people keep all sorts of separate personalities locked up in secure closets. And this can be a terrible burden.

But when it comes to privacy and security, you can no longer afford to keep all of your eggs in one basket. In fact, compartmentalization is now becoming an altogether mandatory part of a “connected” life. You should not let data from your home life be accessible to actors in your work life. And it would be wise to dis-integrate your work life from your home life.

The Technologies of Disintegration

In order to protect the integrity of the various roles in your life, you need to isolate data. But that is increasingly difficult. For example, most businesses ask you to be “on call” twenty-four hours a day, seven days a week. But they don’t want to pay for a separate phone. And they want to ensure that any personal equipment does not exfiltrate company data and/or intellectual property. So most companies reserve the right to access all of your phone’s capabilities (and data) in order to protect any of their data which might be on the phone.

You can easily see the problems with this example. If you are considering alternate employment, it might be unwise to let your current employer have unfettered access to your email and instant messages with potential future employers. Fortunately, there are technologies that can help you build the walls that you might want (or need). These include: virtualization, containers, and secure cloud services.

Step One: Use Application Virtualization

We are victims of a culture that shares way too much information. For many of us, we willingly share data with companies that we shouldn’t trust. We do this so that we can share even more personal data with friends who really aren’t our friends.

And we count upon our applications to enable this kind of sharing. We unconsciously (and indiscriminately) copy and paste data between apps. Of course, this allows bad actors to exploit data sharing as a channel for data exfiltration or data corruption.

But if we want to protect ourselves, we need to erect barriers between apps. And the latest means of erecting such barriers is to exploit containers. Whether we use snap or flatpak, we are adding an execution layer that seeks to impose barriers. And the same thing is true for the other darling of micro-services: Docker. Like the app management tools provided by Linux distro teams, the folks at Docker are trying to standardize application execution and enable application isolation.

Among other activities this summer, I’ve invested quite a bit of personal time into Docker, docker-compose, and a variety of support apps. And I now use Docker for Plex, Let’s Encrypt, most web servers (and proxies), the TICK stack (i.e., Telegraf, InfluxDB, Chronograf, and Kapacitor), and a variety of home automation applications.

Step Two: Use A Secure OS

Nevertheless, sometimes, you need more than just a good application manager. In order to effectively use compartmentalization as a defense, you need to get onto a more secure OS. Most security experts will tell you that there are many platforms that are intrinsically more secure than Windows. Yes, you can harden Windows. I know. I’ve done it for myself and for others. At the same time, you need to use a platform that is not built by someone who makes money off of your identity (e.g., Apple).

Earlier this summer, I finally switched to a Linux-only infrastructure. All of my Windows servers are gone. And all of my Windows desktops are now Linux desktops. I have rooted all of the phones that I can and replaced their OS with one that is no longer dependent upon Google services.

Step Three: Use System Virtualization

While you may run your apps in virtual environments and/or containers, you probably need more compartmentalization. Yes, you should isolate your apps. But you also need to isolate systems from one another. Indeed, there are times when you need more than just a secure app. You need a secure stack.

Over the past few months, I’ve started using virtual machines to isolate applications that are accessible from the Internet. I do this so that I can minimize the damage that can be done from any single app to the OS that it runs upon. By adding system isolation in addition to app isolation, I have increased the security and availability of my customer applications.

Step Four: Use The Most Secure Platform That You Can Afford

All of us can be more secure. But for some of us, the cost of maximum security must be paid – either in coin of the realm or in tokens of inconvenience. For me, my most important resource is my time. So I carefully choose each and every experiment that I undertake. And this past weekend, I finally chose to take the leap – and I finally added Qubes OS 4.0 to my core laptop.

The process of moving to Qubes was frustrating. I had just reclaimed a 500GB external SSD drive. And it took about four (4) hours to get Qubes installed. It’s really not that hard. But special partitioning and formatting was required in order to write to the drive. In the end, I had to write the boot image onto a raw partition on a thumb drive. I then had to update grub on my internal drive so that I could multi-boot. Finally, I re-partitioned the SSD drive and wrote Qubes to the external drive. After completing the installation, I can now boot to either my internal Ubuntu 19.04 system or to my Qubes OS 4.0 system.

Step Five: Consciously Choose Your Threshold of Inconvenience

I must now learn how to use my “reasonably secure OS” to perform my day-to-day activities. Last night, I spent a few hours setting up my entertainment / streaming apps. [Note: Yes, they are important. I really do like to listen to music as I write.] And for what it’s worth, I am now writing this post from my Qubes OS system. It took some time to set up NoScript properly. But once I did that, I’ve had few problems with this blog post. And earlier this morning.

Alright, that’s not altogether true. The simple process of sharing files between processes is a tad more complex. For example, when taking a screenshot of the entire desktop, the file is stored in the dom0 (i.e., master domain) file system. So I had to learn how to copy files to/from dom0. But once I figured that out, I realized that the process isn’t nearly as hard as it had originally seemed.
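The two dom0 file movements described above (a screenshot pushed out of dom0, a file pulled into dom0), as an added example that is not part of the original post: a small dom0 helper script wrapping the documented Qubes OS 4.0 dom0 tools qvm-copy-to-vm and qvm-run --pass-io. The VM name "work", the file paths, and the QVM_COPY/QVM_RUN overrides are assumptions for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): dom0 helpers for moving files
# out of and into dom0 on Qubes OS 4.0. Set QVM_COPY/QVM_RUN to "echo" to
# dry-run the script outside Qubes (assumed overrides, not a Qubes feature).
QVM_COPY="${QVM_COPY:-qvm-copy-to-vm}"
QVM_RUN="${QVM_RUN:-qvm-run}"

# Only accept plain VM names: dom0 commands must never be handed stray shell
# metacharacters from a variable, and dom0 itself is never a copy target.
valid_vm_name() {
    case "$1" in
        ''|*[!A-Za-z0-9_-]*) return 1 ;;
        dom0) return 1 ;;
        *) return 0 ;;
    esac
}

# Push a file that lives in dom0 (e.g. a whole-desktop screenshot) to an
# AppVM. Inside the target VM it lands under ~/QubesIncoming/dom0/.
push_to_vm() {
    vm="$1"; file="$2"
    valid_vm_name "$vm" || { echo "bad VM name: $vm" >&2; return 2; }
    [ -f "$file" ] || { echo "no such file: $file" >&2; return 3; }
    "$QVM_COPY" "$vm" "$file"
}

# Pull one file from an AppVM into dom0 over qrexec stdout. This is the
# trust-sensitive direction (dom0 is the root of trust), so only pull data
# you will treat as untrusted (images, text), never something you execute.
pull_from_vm() {
    vm="$1"; remote="$2"; dest="$3"
    valid_vm_name "$vm" || { echo "bad VM name: $vm" >&2; return 2; }
    case "$remote" in
        *\'*) echo "quote in remote path: $remote" >&2; return 4 ;;
    esac
    "$QVM_RUN" --pass-io "$vm" "cat '$remote'" > "$dest"
}

# Usage from a dom0 terminal (hypothetical paths):
#   push_to_vm work ~/Pictures/screenshot.png
#   pull_from_vm work /home/user/notes.txt ~/notes.txt
```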

Takeaways

I’ve finally addressed some structural insecurities in how I use my computers – both at work and at home.

  • We moved to a Linux-based system.
  • The team migrated to containers both for casual (desktop) apps and for more service-oriented applications.
  • Our IT team moved key services onto virtual machines that could be isolated from less disciplined processes.
  • Finally, I converted my primary laptop to an even more secure OS (i.e., QubesOS) – one that features compartmentalization and maximum isolation.

Do you need to do all of these things? I won’t answer that for you. But as for myself, I needed to become more secure. So I took those steps that I needed to take in order to become safer and to secure my private life from public scrutiny.

IT Is Supposed To Work, Right?

IT Doesn't Have To Be A Horror Show

For many companies, the IT department is not the department of solutions. Rather, it is the department that misses deadlines, omits requirements, and frustrates the people who really make money within a company. Truth be told, most companies aren’t in the business of IT. Most companies make money either because they design products, they build products, they deliver products, or they support products. And these products are (hopefully) desired by their customers. IT exists in order to facilitate the real business of a company.

So why does IT fail so often? Or stated differently, why does IT believe it is being misrepresented in the board room?

These questions are important. In many companies, IT has adopted an air of superiority. IT leaders have sought to “rebuild” companies based upon what they believe is the “best” corporate strategy. Sometimes, the IT leaders are right. Most times, the IT leaders are deceiving themselves and possibly defrauding their stakeholders.

What Is The Purpose Of IT?

While IT can be a means of generating unique value within some companies, everyone must admit that successful IT teams take part in the routine operation of every business. IT is used for accounting and finance. IT is used for sales and marketing. IT is used for product design and product testing. IT is used for manufacturing and shipping. But in many ways, IT is now like real estate or office supplies. Every company has to have IT (and the tools and capabilities that IT delivers) if only to perform the uninspiring parts of routine operations.

This is very reminiscent of many other key technology waves throughout our history. In particular, I am reminded of the effects created by the introduction of the printing press and the introduction of double-entry bookkeeping. Both of these technologies were a means of enhancing (and accelerating) work that was already being done. In the case of movable type, the printing press replaced the people who were hand-writing scrolls and books. In the case of double-entry bookkeeping, accounts and ledgers augmented the role of simple storage vaults. Both of these technologies introduced remarkable transformations in society. And like these technologies, IT has been the source of remarkable changes.

Like the aforementioned technologies, the transformational capability of IT is highlighted in how IT has replaced burdensome, tedious, and dispiriting office drudgery. IT has released office workers from the burdens of the mundane so that they can focus upon the creative and inspiring work that is before them.

When IT Works

IT works when its advantages are almost seamless. In a very real sense, you know that IT is working best when it is taken for granted the most. While IT wants to be part of the “main event”, the most successful projects are often those in which IT works like Adam Smith’s invisible hand.

The Commoditization of IT Services

When I began my career, IT was the place where the best and brightest minds worked insane hours in order to deliver the ‘next big thing’. This was true for the PC. It was true for operating systems (e.g., CP/M, Windows, OS/2, etc). It was also true for “custom-built” corporate services. In the nineties, corporations spent millions of dollars building customized ‘clones’ of ERP and CRM systems.

Today, all of that has changed. Hardware is a commodity. And software is now the ‘table stakes’ for hardware vendors – and service providers. Because of the “free software” movement of the eighties, the core of almost all systems now contains free/open components. At the same time, customers now believe that they should get both hardware and software for free. Most are willing to trade their birthright (i.e., privacy and independence) for a subscription fee.

Commodity Markets Are Challenging

If you accept the premise that IT products are now commodities, then there are a few economic consequences. Commodity markets usually have a low cost of entry. That means that there are (and will be) many competitors in any given market.

  • This is true for computer hardware. You can get great hardware for a very low price. You can get hardware from Chinese companies, from Korean companies, or from a host of other “offshore” suppliers. Even the United States still has some “onshore” fabs (e.g., Intel). But the majority of fabs are overseas. And they produce economically compelling components. It is fascinating that while chip/system designers can be found anywhere in the world, most fabs are in Asia. Bottom line: Fabs are expensive. So they succeed only through economies-of-scale. Until new computing technologies emerge (e.g., quantum computers), it will be very difficult to defeat offshore fabs that are funded by national governments.
  • It is also true for IT manpower needs. Today, you can get software services from India, China, southeast Asia, eastern Europe, and even South America. With millions of programmers worldwide, the job of writing mundane software is no longer differentiating. Bottom line: The labor winners will be the people and organizations that can take their margin from software laborers. Alternatively, it is still possible to specialize within specific industries (e.g., healthcare, aerospace, etc).

Making IT Matter – Again

Cheap hardware, cheap labor, and free software are making IT less specialized – especially at the component level. It is no longer possible to simply be a good analyst, a good programmer, or a good operator. Successful IT teams must be able to build comprehensive solutions from all of the available parts. Like residential architects, the successful IT leaders will know what is available in the market. They will know how to integrate standardized components into a working solution. They will know how to operate that solution in order to maximize the economic impact (of the solution) upon the business. In short, they will work with the owner to meet their functional desires. They will select the standardized components needed to meet the economic objectives of the owner. And they will know where to get the best labor to do the assembly, testing, and implementation of the solution.

Can someone make money being a specialist? Yes. But most specialists must be undisputed experts. Or you can make money by achieving economies-of-scale and operating with razor-thin margins. If you can do either, then you can make remarkable sums of money. If you can’t, then systems integration and solutions architecture may be your next best avenue for success.

Browser Security Bypasses Abound

Browser Security At Risk

Browser Security Threats Discovered

According to the Catholic University of Leuven in Belgium (KU), every modern browser is susceptible to at least one method of bypassing browser security and user privacy. In an article on the subject, Catalin Cimpanu (of BleepingComputer) reported that new (and as yet unexploited) means of bypassing cookie controls are apparently possible. KU researchers reported their findings to the browser developers and posted their results at wholeftopenthecookierjar.eu.

Don’t expect all browser vendors to solve all browser security issues immediately. Indeed, expect many people to howl about how these vulnerabilities were reported. But regardless of the manner in which the news was delivered, every customer must take it upon themselves to implement multiple layers of protection. A comprehensive approach should (at a minimum) include:

  1. A safe browser,
  2. Safe add-ons (or extensions) that include cookie and browser element management (e.g., uBlock Origin, NoScript, and uMatrix),
  3. A means of reducing (and possibly eliminating) Javascript, and
  4. Effective blocking of “well-known” malware domains.

Bottom Line

Shrek was right. Ogres are like onions – and so is security. Effective security must include multiple layers. Be an ogre; use layers of security.